<?php
// @formatter:off
/**
 * @file s.login.php
 * @author Alejandro Dario Simi
 * @date $Date: 2013-05-13 04:08:49 +0000 (Mon, 13 May 2013) $
 *
 * $Id: s.login.php 64 2013-05-13 04:08:49Z daemonraco@gmail.com $
 * $URL: http://wcomix.googlecode.com/svn/tags/wcomix-1.0.0.2/services/s.login.php $
 */
// @formatter:on

$noCache = true;
$wcServiceStatus = false;
$wcServiceErrorCode = 500;

if(defined('__SERVICE__') && $wcProfile->allowedTo(WC_PERM_USER_LOGIN)) {
	if($_SERVER["REQUEST_METHOD"] == "POST") {
		if(!$wcSession->isLogged()) {
			$username = strtolower(turldecode(@$_POST["username"]));
			$password = turldecode(@$_POST["password"]);

			$user = new WCUser();
			$isOk = $user->loadByAuth($username, md5($password));

			if($isOk) {
				if($user->webAccess()) {
					setcookie(WC_COOKIE_KEEPME_USER, "", 1);
					setcookie(WC_COOKIE_KEEPME_HASH, "", 1);
					setcookie(WC_COOKIE_KEEPME_NAME, "", 1);

					$isOk = $wcSession->login($user->id);
					if($isOk) {
						if(isset($_POST["keepme"]) && $_POST["keepme"] == "Y") {
							$wcSession->setRememberMe();
						}
						$wcServiceStatus = true;
					} else {
						$wcServiceErrorCode = 403;
						$wcServiceErrorMsg = "Username and password are correct, but session could not be started";
					}
				} else {
					$wcServiceErrorCode = 403;
					$wcServiceErrorMsg = "User has no web access";
				}
			} else {
				$wcServiceErrorCode = 403;
				$wcServiceErrorMsg = "Username or password incorrect";
			}
		} else {
			$wcServiceErrorMsg = "Session already started";
		}
	} else {
		$wcServiceErrorCode = 403;
		$wcServiceErrorMsg = "This service only works on POST method";
	}
} else {
	$wcServiceErrorCode = 403;
	$wcServiceErrorMsg = "Unable to access service";
}
?>